Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

New Access Models for Healthcare


Published on


Currently, there is a convergence of three key factors in the global landscape that creates an opportunity for the research community to make fundamental contributions to improving the quality of life of every single citizen. Conversely, failure to recognize and act on this phenomenon may have disastrous effects on multiple levels. The first factor is the unprecedented focus and willingness to invest in the healthcare industry. The second factor is the fact that the prime directive of the healthcare sector, i.e. nothing interferes with the delivery of care, has ramifications on every aspect of information technology used in this domain. The final factor is the recognition that patient empowerment and buy-in will be critical for the advance of health information technology. These factors highlight the fact that there are inherent assumptions in the existing access models that render them ineffective and not applicable for long term use in the healthcare field.

This talk will highlight all these issues and challenge the research community to delve more the industry-specific constraints that require further innovation in the space; possibly necessitating a re-examination of the core assumptions in the field.


Tyrone Grandison is currently the Program Manager for Core Healthcare Services in the Healthcare Transformation group of the IBM Services Research organization (Hawthorne, New York). His immediate interests are in developing innovative solutions for ensuring patient privacy protection and for integrating information from multiple sources to get more complete views of patients to enable better decision making. Prior to this, Tyrone led the Intelligent Information Systems (Quest) team in the Computer Science department at the IBM Almaden Research Center (San Jose, California). The team pioneered research in Relational Database Privacy, Disclosure-Compliant Query Processing for RFID and Mobile Data Networks, Security Exception Handling in Healthcare Information Systems and Large Scale Text Analysis of Online Data. Tyrone is a Distinguished Engineer of the Association of Computing Machinery (ACM), Senior Member of the Institute of Electrical and Electronics Engineers (IEEE) and has been further recognized by the IEEE (2010 Technical Achievement Award), the National Society of Black Engineers (i.e. Pioneer of the Year 2009) and the Black Engineer of the Year Award Board (i.e. Modern Day Technology Leader 2009, Minority in Science Trailblazer 2010). Tyrone received his B.Sc. and M.Sc. degrees from the University of the West Indies, Jamaica in 1997 and 1998, respectively, and a Ph.D. degree from the Imperial College of Science, Technology and Medicine in the United Kingdom.

Presented: June 9, 2010

Published in: Technology, Business
  • Be the first to comment

New Access Models for Healthcare

  1. 1. New Access Models for Healthcare Tyrone Grandison, PhD Program Manager, Core Healthcare Services, IBM Services Research Keynote – June 9 th , 2010. 15th ACM Symposium on Access Control Models and Technologies (SACMAT) 2010. Pittsburgh, USA.
  2. 2. Disclaimer <ul><li>The opinions expressed in this talk are strictly my own and are not attributable to any corporation, organization or body that I am associated with. </li></ul>
  3. 3. Why Am I Here? <ul><li>To provoke and promote thought. </li></ul><ul><li>To spur discussion and debate. </li></ul><ul><li>To share </li></ul><ul><ul><li>Observations about the global healthcare community </li></ul></ul><ul><ul><li>Experiences with healthcare clients </li></ul></ul><ul><ul><li>Implications of healthcare research </li></ul></ul>
  4. 4. Topics To Be Covered <ul><li>Why is this now an interesting research area? </li></ul><ul><ul><li>Economic Investment </li></ul></ul><ul><ul><li>The Prime Directive </li></ul></ul><ul><ul><li>Patient Empowerment and Buy-In </li></ul></ul><ul><li>What does the convergence of these factors mean? </li></ul><ul><ul><li>The good, the bad and the expected. </li></ul></ul><ul><li>The World As It Is Today </li></ul><ul><ul><li>The Healthcare Operating Environment </li></ul></ul><ul><ul><li>Current Access Control Technology </li></ul></ul><ul><ul><li>Bridging the Divide </li></ul></ul><ul><li>Call To Action </li></ul>
  5. 5. Worldwide Health IT Investment North America US ARRA – $20.4B Canada –$3.1B CDN (InfoWay) Asia China – $4.2B Singapore – $1.1B SIN Europe UK – ₤20.4B Middle East Saudi Arabia – $14B Worldwide EMR – $10B in 2010  $30B in 2019 * EMR Adoption US – 10% AUS – 25% UK – 59% CAN – 14% NZ – 52% Additional Opportunities Clinical Decision Intelligence: $75M (2010), $3.1B (2019) Health Analytics: Health analytics: $2.3B, $3.29B (2014) Cloud Computing for HCLS: $1.04B (2010), $6.2B (2014) Source: IBM Global Technology Outlook (Feb 2010) Impact: Healthcare-specific research is on rise
  6. 6. Prime Directive <ul><li>Adapted from Star Trek </li></ul><ul><ul><li>The most prominent guiding principle of the United Federation of Planets </li></ul></ul><ul><ul><li>Stipulates that there can be no interference with the internal development of pre-warp civilizations </li></ul></ul><ul><ul><ul><li>consistent with the concept of Westphalian sovereignty - the concept of nation-state sovereignty based on two principles: territoriality and the exclusion of external actors from domestic authority structures. </li></ul></ul></ul><ul><li>Useful Notion when building Industry-focused Security Technology * </li></ul><ul><ul><li>Entertainment: Do not interrupt the cash flow </li></ul></ul><ul><ul><li>Finance: Do not disturb the ticker </li></ul></ul><ul><ul><li>Healthcare: Nothing interferes with the delivery of care </li></ul></ul>Impact: Security controls in Healthcare IT systems are routinely circumvented Grandison, T., Davis, J. &quot;The Impact of Industry Constraints on Model-Driven Data Disclosure Controls&quot; . The Proceedings of the 1st International Workshop on Model-Based Trustworthy Health Information Systems (MOTHIS). Nashville, Tennessee. Sept 2007. * Source:
  7. 7. Patient Empowerment and Buy-In <ul><li>Privacy! Privacy! Privacy! </li></ul><ul><ul><li>Sweeping concept meaning many things – control over one’s body or data, freedom of thought, solitude in one’s home, protection from searches and interrogations * </li></ul></ul><ul><ul><li>“Privacy is a value so complex, so entangled in competing and contradictory dimensions, so engorged with various and distinct meanings that I sometimes despair whether it can be addressed at all” + </li></ul></ul><ul><ul><li>“a deep concern over the preservation of privacy under the new pressures from surveillance technology” - </li></ul></ul>Impact: Privacy is complex, interesting, of some concern. <ul><ul><li>“ The panic about privacy has all the fingerpointing and paranoia of a good old American scare, but it’s missing one vital ingredient: a genuinely alarmed public. Americans care about privacy mainly in the abstract.” ^ </li></ul></ul><ul><ul><li>“ Most people, when other interests are at stake, do not care enough about privacy to value it” # </li></ul></ul><ul><ul><li>Despite all this, it is globally assumed that every citizen has a “reasonable expectation of privacy” (United Nations Universal Declaration of Human Rights of 1948, The European Convention of Human Rights of 1950) </li></ul></ul>* Solove, D. “Understanding Privacy&quot; . Harvard University Press. 2009. + Prost, R. C. “Three Concepts of Privacy” , 89 Georgetown Law Journal 2087,2087 (2001). - Westin, A. “Privacy and Freedom” . New York: Atheneum. 1967. ^ Franzen, J. “How to be Alone” . Picador. 2003. # Gotlieb, C. C. “Privacy: A Concept Whose Time Has Come and Gone” . Computers, Surveillance and Privacy , 156. 1996 Sources:
  8. 8. Patient Empowerment and Buy-In & Technology <ul><li>Privacy-enhancing technologies (PET) and research is vibrant </li></ul><ul><ul><li>Definition normally assumed: “Privacy is the right of individuals to determine for themselves when, how and to what extent information about them is communicated to others” (Alan Westin) </li></ul></ul><ul><ul><li>Technology Protection Levels: Data, Application, Network. </li></ul></ul><ul><li>Highlight: Technical Privacy Controls build upon Security Controls are grounded in Access Control mechanisms. </li></ul><ul><li>Observation: Lots of work, research, products in access control field. </li></ul><ul><li>Question: How has PET impacted Healthcare? Has it led to Patient Empowerment? Has it been effective in getting patient buy-in? </li></ul>Impact: Access Control technology currently ineffective for Patient empowerment and Buy-In.
  9. 9. Patient Empowerment and Buy-In & Healthcare Trends <ul><li>Top Five Issues in Investigated Cases Closed with Corrective Action, by Calendar Year </li></ul>Observation 1: For the most part, Privacy Incidents seem to be on an upward trajectory. Observation 2: (Technical) Access Control issues have consistently been the top 3 issues. Health Information Privacy Resolutions Source: US Department of Health and Human Services
  10. 10. What does this all mean? <ul><li>Whole nations see the need for innovation and investment in Healthcare IT and Research, in order to: 1) reduce medical errors, 2) lower costs, and 3) improve patient care. </li></ul><ul><ul><li>There is an assumption that the systems will be secure and privacy-preserving </li></ul></ul><ul><ul><li>There is an expectation that the next set of delivered systems will yield all these results (and not necessarily be a first step in a much longer process) </li></ul></ul><ul><li>The Prime Directive of Healthcare creates a criteria for the sustained use or irrelevance of healthcare IT </li></ul><ul><ul><li>This includes access control technology used in the health industry. </li></ul></ul><ul><li>Patient Empowerment (and Buy-in) is currently not being achieved by the contemporary set of access control technologies. </li></ul><ul><li>Positives </li></ul><ul><li>An amazing opportunity when the right factors converge to create an opportunity like no other – the power to influence a receptive industry in a relatively short timeline and positively impact the lives of billions of people. </li></ul><ul><li>Concerns </li></ul><ul><li>Super-hyped expectations, under-delivery, mis-focus, under-utilization, faulty assumptions may render health security/privacy a fad and negatively impact research in the field in years to come. </li></ul>Security Researchers need to step it up and to Proceed with Caution.
  11. 11. Where Not To Go <ul><li>Phases: </li></ul><ul><li>Technology trigger – Something generates significant interest in the technology. </li></ul><ul><li>Peak of inflated expectations – Over-enthusiasm and unrealistic expectations arise from a “frenzy of publicity”. Some successful stories arise, but there are typically more failures. </li></ul><ul><li>Trough of disillusionment – Failure to meet expectations leads to technology losing its fashionable status and is abandoned by the press. </li></ul><ul><li>Slope of enlightenment – Some businesses continue to use the technology and experiment to understand how it can be used effectively. </li></ul><ul><li>Plateau of productivity – Benefits become widely demonstrated and accepted either broadly or within a niche. </li></ul>Gartner’s Hype Cycle <ul><li>The natural trajectory of similar phenomena – stuck in phase 3 of the Hype Cycle. </li></ul><ul><li>The goal is to help research avoid this at all costs. </li></ul>
  12. 12. How to Proceed? <ul><li>Back to Basics </li></ul><ul><ul><li>A clear and neutral evaluation of the healthcare ecosystem </li></ul></ul><ul><ul><li>A precise articulation of the access control requirements needed and expected. </li></ul></ul><ul><ul><li>A brutally honest evaluation (and gap analysis) of existing technologies. </li></ul></ul>This talk will not present all these concerns in detail. Remember: PROVOKE and PROMOTE THOUGHT Here, I provide clarity on how we got here and present a set of initial gaps.
  13. 13. The Healthcare Operating Environment <ul><li>Business </li></ul><ul><li>What current tactical market needs offer the best yield? </li></ul><ul><li>What strategies should I employ to maximize my desired outcomes? </li></ul><ul><li>How best do I execute pipeline management on both service delivery and technology development? </li></ul><ul><li>Legal </li></ul><ul><li>What are legislative requirements I have to meet? </li></ul><ul><li>How do the requirements impact my offerings (both in terms of process and technology development)? </li></ul><ul><li>Are there additional compliance costs? </li></ul><ul><li>Social </li></ul><ul><li>What are the requirements emerging from the technology users and service consumers? </li></ul><ul><li>How will all sets of end-users effectively interact or use the offering? </li></ul><ul><li>What are the users’ expectations? </li></ul><ul><li>Technology </li></ul><ul><li>What technical innovations solve the current problem (set)? </li></ul><ul><li>How to improve on the current technology suite? </li></ul><ul><li>Build, retrofit, acquire, research or a mix? </li></ul>This Operating Environment is not specific to only the Healthcare market. It applies to other industries too As researchers, Technology and Social are the most immediate areas of contribution.
  14. 14. Healthcare Technology Cycle (Of Olde) <ul><li>Relevant Observations: </li></ul><ul><li>Patients and Doctors are technology consumers, yet nowhere are their requirements acquired or interactions with the technology noted. </li></ul><ul><li>Funding and Re-investment model is skewed towards the interests of the technology producers. </li></ul><ul><li>Change to Modern Cycle: Hobbyist is a larger, more generic group. </li></ul>Has an idea on how to use technology to “improve healthcare” and develops a prototype Hobbyist Research Development Healthcare Company Patient Further refines Productizes Commercializes Sells to Resells to Sells to
  15. 15. So, What’s The Big Problem? And Why Do I Care Again? <ul><li>Problem: The marketplace is filled with expectations (both from businesses and patients). </li></ul><ul><ul><li>Both may have objective functions that are not always in sync. </li></ul></ul><ul><ul><li>This creates a harmonious system of conflicts, that are often resolved through public relations. </li></ul></ul><ul><li>This dichotomy highlights a very important point: </li></ul><ul><ul><li>Your beliefs or expectations on or about a particular aspect of the healthcare system may not always be a function of what is real. </li></ul></ul><ul><li>This is one of the more prominent reasons why Researchers should care – to bridge the gap between reality and the matrix. </li></ul>The Real World The Matrix
  16. 16. Access Control Beliefs in Healthcare <ul><li>(Patients): Their healthcare data is their own and that actions are only performed that are to their benefit, i.e. they assume they retain data ownership rights . </li></ul><ul><li>(Patients): Healthcare providers and payers use their data responsibly and safely in order to delivery the best care, i.e. they assume that they have great data stewards . </li></ul><ul><li>(Patients): They have strong legal protections in place to safeguard their information. </li></ul><ul><li>(Patients): Their data is always protected. </li></ul><ul><li>(Patients): They ultimately have a say in the use of their data. </li></ul><ul><li>(Patients): They have the right and ability to see what is happening with data. </li></ul><ul><li>(Patients): Assume that mature security technology exists to address a majority of their concerns. </li></ul><ul><li>(Practitioners): Security technology will seamlessly integrate their way of doing things. </li></ul><ul><li>(Payers): Security and Privacy controls are counter to their objective function. </li></ul><ul><li>(Practitioners, Payers): Access Control solutions negatively impact service delivery. </li></ul><ul><li>Sources: </li></ul><ul><li>California Healthcare Foundation. &quot;Consumers and Health Information Technology: A National Survey&quot; . April 2010. </li></ul><ul><li>Ponemon Institute. &quot;Americans' Opinions about Healthcare Privacy&quot; , January 2010. </li></ul><ul><li>Deloitte Center for Health Solutions. “Global 2010 Survey of Health Care Consumers”, 2010. </li></ul><ul><li>Ponemon Institute. “Electronic Health Information at Risk” , October 2009. </li></ul><ul><li>Ackerman, L. &quot;A Consumer Perspective on Healthcare Privacy&quot; . 2006. </li></ul>
  17. 17. Access Control in Healthcare Realities <ul><li>All access control technologies are specified from the perspective of the entity that stores the data. </li></ul><ul><ul><li>They assume that once the data is in one’s possession, then you are the data owner. </li></ul></ul><ul><ul><li>Succinctly: data stewardship equals data ownership . </li></ul></ul><ul><ul><li>Access control policy is written by the security admin, whose allegiance is to the interests of the firm he/she works for. </li></ul></ul><ul><li>Technologies that enforce compliance legislation compliance cannot be assumed to offer strong legal protections for a patient. </li></ul><ul><li>Security exceptions represent a high proportion of data accesses (varies by region and function, but reported over 50% in most cases). </li></ul><ul><li>Patient Choice is not a fundamental facet of current access control systems. </li></ul><ul><li>Workflow Access Control systems few and still in the research phase. </li></ul><ul><li>Patient Accountability and Transparency controls are still in the plan phase for healthcare. </li></ul><ul><li>Sources: </li></ul><ul><li>Grandison, T., Bhatti, R. &quot;HIPAA Compliance and Patient Privacy Protection&quot; . To appear in the Proc. of the 13th World Congress on Medical and Health Informatics (MEDINFO). September 12-15, 2010. Cape Town, South Africa. </li></ul><ul><li>Rostad L., Edsberg, O. “A study of access control requirements for healthcare systems based on audit trails from access logs” . In Proc. of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida, USA, December 2006. </li></ul><ul><li>Russello, G., Dong, C., Dulay, N. “A Workflow-Based Access Control Framework for e-Health Application” , International Conference on Advanced Information Networking and Applications Workshops, 2008. </li></ul><ul><li>Computer Science and Telecommunications Board. “For the Record: Protecting Electronic Health Information” . National Academies Press. 1997. </li></ul>
  18. 18. The Initial Hard Access Control Questions <ul><li>Re-enforcing the separation between church and state (i.e. steward and owner) </li></ul><ul><ul><li>For RBAC systems, </li></ul></ul><ul><ul><ul><li>Is it as simple as added an extra construct ???? </li></ul></ul></ul><ul><ul><ul><li>If so, what is the impact on the standard operation of a RBAC system? </li></ul></ul></ul><ul><ul><ul><li>How does one deal with the mindset change necessary to provide consistent use of this idea? </li></ul></ul></ul><ul><ul><ul><li>How does one specify the owner’s data handling desires/preferences and combine them into a larger policy for the data steward that can be consistently, reliably and efficiently enforced? </li></ul></ul></ul><ul><li>Handling the evolution of exceptions </li></ul><ul><ul><li>Are current proposals sufficient? If so, should they be standardized? (at least for healthcare) </li></ul></ul><ul><li>Modeling Choice </li></ul><ul><ul><li>Is it just re-thinking a matter of rethinking notification? </li></ul></ul><ul><li>…………………… </li></ul>
  19. 19. Insert Solution Here
  20. 20. CONCLUSION <ul><li>It is a great time to do Healthcare security and privacy research </li></ul><ul><ul><li>It is important work with grave consequences and amazing benefit. </li></ul></ul><ul><ul><li>There is currently significant investment in Health IT </li></ul></ul><ul><ul><li>There are interesting Industry constraints that make this work research-worthy. </li></ul></ul><ul><ul><li>There is a more aware public whose cooperation must be had to extract value from these health IT systems. </li></ul></ul><ul><li>The expectations are tremendous and we must deliver or face possible stagnation in future. </li></ul><ul><li>BLTS  and the influence of technology producers has led to: </li></ul><ul><ul><li>A misalignment of perception and practice, i.e. the creation of a matrix </li></ul></ul><ul><ul><li>The creation of technology with assumptions that were taken as the natural order of things, but which do not serve the technology end-users. </li></ul></ul><ul><li>Most dominant, engrained and subtle of these assumptions is the equality of data stewardship and data ownership . </li></ul><ul><li>Access Control research must also provide more focused support for exception life cycle management, choice, workflow integration and patient accountability and transparency for Healthcare. </li></ul><ul><ul><li>The good news is that there is initial in some of these areas. </li></ul></ul><ul><ul><li>The bad news is that the public and funders expect harden technology (not research code) in the next wave of health IT. </li></ul></ul>
  21. 21. CALL TO ACTION <ul><li>Hopefully, you are now (somewhat) convinced that the current state of Access Control practices in Healthcare needs improvement. </li></ul><ul><li>If not, evaluate it for yourself. Engage hospitals, medical research centers, etc. </li></ul><ul><li>Listen to them and get their requirements. </li></ul><ul><ul><li>Don’t try to fit your exotic solution to whatever problem they state. Find the genuine solution. </li></ul></ul><ul><ul><li>Learn how they work. Understand their motivations. </li></ul></ul><ul><ul><li>Learn how they interact and use technology systems. </li></ul></ul><ul><ul><li>Uncover their assumptions. </li></ul></ul><ul><ul><li>Wash, Rinse and Repeat for patients. </li></ul></ul><ul><li>Question! Question! Question! </li></ul><ul><ul><li>Question your models. </li></ul></ul><ul><ul><li>Question your assumptions. </li></ul></ul><ul><ul><li>Question your motivations. </li></ul></ul><ul><ul><li>Understand how everything fits into the BLTS considerations </li></ul></ul><ul><li>Deliver </li></ul><ul><ul><li>Understand their expectations </li></ul></ul><ul><ul><li>Manage their expectations </li></ul></ul><ul><ul><li>Never under-deliver. </li></ul></ul>
  22. 22. <ul><li>You take the Blue Pill , </li></ul><ul><li>The story Ends. You wake up in your bed and believe whatever you to believe. </li></ul><ul><li>You take the Red Pill , </li></ul><ul><li>You stay in Wonderland and I show You how deep the rabbit hole goes. </li></ul><ul><li>I'm only offering you the TRUTH </li></ul><ul><li>Nothing more </li></ul>